By Jason Miller
November 6, 2007
White House officials today asked Congress  for more than $436
million in new cybersecurity and counterterrorism programs in the
Homeland Security and Justice departments fiscal 2008 spending bills.
These amendments are necessary to enhance Federal civilian agency
cybersecurity and strengthen defenses to combat terrorism, President
George Bush wrote in a letter to House speaker Nancy Pelosi (D-Calif.).
Bush said $386 million of the new spending would be offset by reductions
in previously requested funding and cancellation of unobligated
balances, and $50 million would come from funds appropriated in U.S.
Troop Readiness, Veterans Care, Hurricane Katrina Recovery and Iraq
Accountability Appropriations Act of 2007.
The House and Senate have passed separate versions of the bills, which
are awaiting the conference committee so lawmakers can work out their
differences. The Senate has appointed conferees for both bills, but the
House has not.
"This is an area that has been severly lacking the administrations
attention," said Joy Fox, spokeswoman for Rep. Jim Langevin (D-R.I.),
chairman of the Homeland Security Subcommitte on Emerging Threats,
Cybersecurity, and Science and Technology. "Chairman Langevin is
encouraged to see any action from the administration that addresses
concerns he has repeatedly raised through hearings and through
announcement of the cybersecurity commission."
It has been rumored that White House officials may announce a new
cybersecurity initiative, but it is unclear whether this is it or just a
piece of it.
In the request, the administration asked for $115 million to enhance DHS
ability to deploy the Einstein program through the U.S. Computer
Emergency Readiness Team. Einstein monitors about 13 participating
agencies network gateways for traffic patterns that indicate the
presence of computer worms or other unwanted traffic. By collecting
traffic information summaries at agency gateways, Einstein gives US-CERT
analysts and participating agencies a big-picture view of bad activity
on federal networks.
"They know monitoring works and they want more monitoring," said Alan
Paller, director of research at the Sans Institute. "The money will be
used to get out more monitoring more quickly and do more analysis of the
data. That is useful and necessary because what they discovered is the
federal perimeter is broken. One of few ways to find bad guys in [the]
perimeter is a more intent analysis of traffic coming out of the
The extra money would help DHS expand the program more quickly. In an
interview earlier this year, Mike Witt, US-CERTs deputy director, said
the office plans to have most Cabinet-level agencies in the program by
the end of 2008 and then expand participation to more of the midsize and
small federal agencies later.
DHS requested about $13.9 million for Einstein in 2008, according to
agency budget documents. There is no cost for agencies to sign up for
Einstein, but DHS must have the money for people and equipment to set up
the system on agency routers.
Justice, meanwhile, would receive $39 million to help the FBI
investigate incursions into federal networks, increase intelligence
analysis and provide technical tools for investigations and analysis.
"These are two things that are most successful and needed money," said
Paller. "There will be a huge amount of money spent on cyber projects
and I believe this is the budget for public facing part. The rest will
be in the black budget."
Bush also requested an additional $282 million to combat terrorism at
The DHS request would increase the National Protection and Programs
Directorates budget to more than $653.2 million. The FBIs increase would
come in salaries and expenses where more than $6.4 billion would be
available for cybersecurity and counterterrorism work.
"More money for the FBI is essential," Paller said. "The number of cases
they have to turn down is breathtaking. They dont have the bodies to
follow up on all cases and as long as bad guys assume they will not get
caught, they will accelerate their attacks."
To find the extra money, Bush recommends using unobligated funds from a
number of different DHS offices, including the chief information officer
($873,000), the Customs an Border Protection automation modernization
project ($6.1 million) and the Science and Technology Directorate
Fox said Langevin will follow this request would consider sending a
letter of support to the appropriations committee.
"Hopefully this is the start of a real commitment from the
administration on cybersecurity across the board," Fox said.
CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques. Register now for savings on conference fees
and/or free exhibits admission. - www.csiannual.com